subscription management tool for sles 12 sp4 - suse linux ... · pdf file 4 managing...

Subscription Management Tool for SLES 12 SP4

SUSE Linux Enterprise Server 12 SP4

Subscription Management Tool for SLES 12 SP4 SUSE Linux Enterprise Server 12 SP4 by Tomáš Bažant, Jakub Friedl, and Florian Nadge

Publication Date: May 15, 2020

SUSE LLC 10 Canal Park Drive Suite 200 Cambridge MA 02141 USA

https://www.suse.com/documentation

Copyright © 2006– 2020 SUSE LLC and contributors. All rights reserved.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Docu-

mentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright

notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation

License”.

For SUSE trademarks, see https://www.suse.com/company/legal/ . All other third-party trademarks are the prop-

erty of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its affiliates.

Asterisks (*) denote third-party trademarks.

All information found in this book has been compiled with utmost attention to detail. However, this does not

guarantee complete accuracy. Neither SUSE LLC, its affiliates, the authors nor the translators shall be held liable

for possible errors or the consequences thereof.

https://www.suse.com/documentation https://www.suse.com/company/legal/

Contents

About This Guide vii

1 SMT Installation 1 1.1 SMT Configuration Wizard 2

1.2 Upgrading from Previous Versions of SMT 4 Upgrade from SMT 12 SP1 5 • Upgrade from SMT 11 SP3 5

1.3 Enabling SLP Announcements 7

2 SMT Server Configuration 8 2.1 Activating and Deactivating SMT with YaST 9

2.2 Setting the Update Server Credentials with YaST 10

2.3 Setting SMT Database Password with YaST 12

2.4 Setting E-mail Addresses to Receive Reports with YaST 12

2.5 Setting the SMT Job Schedule with YaST 13

3 Mirroring Repositories on the SMT Server 16 3.1 Mirroring Credentials 16

3.2 Managing Software Repositories with SMT Command Line Tools 17 Updating the Local SMT Database 17 • Enabled Repositories and

Repositories That Can Be Mirrored 17 • Getting Information about

Repositories 17 • Selecting Repositories to Be Mirrored 18 • Deleting

Mirrored Repositories 20 • Mirroring Custom Repositories 20

3.3 The Structure of /srv/www/htdocs for SLE 11 21

3.4 The Structure of /srv/www/htdocs for SLE 12 23

3.5 Using the Test Environment 23

3.6 Testing and Filtering Update Repositories with Staging 24

iii SMT Guide

3.7 Repository Preloading 27

4 Managing Repositories with YaST SMT Server Management 29

4.1 Starting SMT Management Module 29

4.2 Viewing and Managing Repositories 29 Filtering Repositories 30 • Mirroring Repositories 30

4.3 Staging Repositories 31

4.4 Jobs and Client Status Monitoring 33 Checking the Client Status with YaST 35

5 Managing Client Machines with SMT 37 5.1 Listing Registered Clients 37

5.2 Deleting Registrations 37

5.3 Manual Registration of Clients at SUSE Customer Center 37

5.4 Scheduling Periodic Registrations of Clients at SUSE Customer Center 38

5.5 Compliance Monitoring 39

6 SMT Reports 41 6.1 Report Schedule and Recipients 41

6.2 Report Output Formats and Targets 42

7 SMT Tools and Configuration Files 44 7.1 Important Scripts and Tools 44

SMT JobQueue 44 • /usr/sbin/smt Commands 45 • SMT systemd

Commands 59

7.2 SMT Configuration Files 60 /etc/smt.conf 60 • /etc/smt.d/smt-cron.conf 68

iv SMT Guide

7.3 Server Certificates 69 Certificate Expiration 69 • Creating a New Common

Server Certificate 69 • Importing a Common Server

Certificate 71 • Synchronizing Time between SMT Server and Clients 72

8 Configuring Clients to Use SMT 73 8.1 Using Kernel Parameters to Access an SMT Server 74

8.2 Configuring Clients with AutoYaST Profile 76 Configuring SUSE Linux Enterprise 11 Clients 76 • Configuring SUSE Linux

Enterprise 12 Clients 77

8.3 Configuring Clients with the clientSetup4SMT.sh Script in SLE 11 and 12 77 Problems Downloading GPG Keys from the Server 79

8.4 Configuring Clients with YaST 80 Configuring Clients with YaST in SLE 11 80 • Configuring Clients with YaST in

SLE 12 80

8.5 Registering SLE11 Clients against SMT Test Environment 81

8.6 Registering SLE12 Clients against SMT Test Environment 81

8.7 Listing Accessible Repositories 81

8.8 Online Migration of SUSE Linux Enterprise Clients 82

8.9 How to Update Red Hat Enterprise Linux with SMT 82 How to Prepare SMT Server for Mirroring and Publishing Updates for

RHEL 82 • How to Configure the YUM Client on RHEL 5.2 to Receive Updates

from SMT 83 • How to Configure the UP2DATE Client on RHEL 3.9 and

4.7 to Receive Updates from SMT 84 • How to Register RHEL 5.2 against

SMT 85 • How to Register RHEL 4.7 and RHEL 3.9 against SMT 85

9 Advanced Topics 87 9.1 Backup of the SMT Server 87

Configuration Files and Repositories 87 • The Database 88

9.2 Disconnected SMT Servers 88

v SMT Guide

A SMT REST API 93

B Documentation Updates 104 B.1 October 2018 (Documentation Maintenance Update for SUSE Linux

Enterprise Server 12 SP3) 104

B.2 September 2017 (Initial Release of SUSE Linux Enterprise Server 12 SP3) 105

B.3 April 2017 (Documentation Maintenance Update for SUSE Linux Enterprise Server 12 SP2) 105

B.4 November 2016 (Initial Release of SUSE Linux Enterprise Server 12 SP2) 106

B.5 March 2016 (Documentation Maintenance Update for SUSE Linux Enterprise Server 12 SP1) 107

B.6 December 2015 (Initial Release of SUSE Linux Enterprise Server 12 SP1) 108

vi SMT Guide

About This Guide

Subscription Management Tool (SMT) for SUSE Linux Enterprise 12 SP4 allows enterprise cus- tomers to optimize the management of SUSE Linux Enterprise software updates and subscription entitlements. It establishes a proxy system for SUSE® Customer Center with repository (formerly known as catalog) and registration targets. This helps you centrally manage software updates within the firewall on a per-system basis, while maintaining your corporate security policies and regulatory compliance.

SMT allows you to provision updates for all of your devices running a product based on SUSE Linux Enterprise. By downloading these updates once and distributing them throughout the en- terprise, you can set more restrictive firewall policies. This also reduces bandwidth usage, as there is no need to download the same updates for each device. SMT is fully supported and avail- able as a download for customers with an active SUSE Linux Enterprise product subscription.

Subscription Management Tool provides functionality that can be useful in many situations, including the following:

You want to update both SUSE Linux Enterprise and RedHat Enterprise Linux servers.

You want to get a detailed overview of your company's license compliance.

Not all machines in your environment can be connected to SUSE Customer Center to reg- ister and retrieve updates for bandwidth or security reasons.

There are SUSE Linux Enterprise hosts that are restricted and difficult to update without putting in place a custom update management solution.

You need to integrate additional software update external or internal repositories into your update solution.

You are looking for a turnkey box staging solution for testing updates before releasing them to the clients.

You want to have a quick overview of the patch status of your SUSE Linux Enterprise servers and desktops.

vii SLES 12 SP4

FIGURE 1: SMT

1 Overview

The Subscription Management Tool Guide is divided into the following chapters:

SMT Installation

Introduction to the SMT installation process and the SMT Configuration Wizard. You will learn how to install the SMT add-on on your base system during the installation process or on an already installed base system.

SMT Server Configuration

Description of the YaST configuration module SMT Server. This chapter explains how to set and configure organization credentials, SMT database passwords, and e-mail addresses to send SMT reports, or set the SMT job schedule, and activate or deactivate the SMT service.

Mirroring Repositories on the SMT Server

Explanation of how to mirror the installation and update sources with YaST.

Managing Repositories with YaST SMT Server Management

Description of how to register client machines on SUSE Customer Center. The client ma- chines must be configured to use SMT.

viii Overview SLES 12 SP4

SMT Reports

In-depth look at generated reports based on SMT data. Generated reports contain statis- tics of all registered machines and products used and of all active, expiring, or missing subscriptions.

SMT Tools and Configuration Files

Description of the most important scripts, configuration les and certificates supplied with SMT.

Configuring Clients to Use SMT

Introduction to configuring any client machine to register against SMT and download soft- ware updates from there instead of communicating directly with the SUSE Customer Cen- ter.

2 Additional Docum